/etc/neutron/secret.txt is world readable
Bug #1847230 reported by
James Troup
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Neutron Open vSwitch Charm |
Fix Released
|
High
|
James Page |
Bug Description
/etc/neutron/
information type: | Private Security → Public Security |
Changed in charm-neutron-openvswitch: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
root@wpz230807r c:/etc/ neutron# ls -l secret.txt c:/etc/ neutron# su - nobody -s /bin/bash wpz230807rc: /$ cat /etc/neutron/ secret. txt > /dev/null wpz230807rc: /$
-rw-r--r-- 1 root root 36 Aug 19 17:34 secret.txt
root@wpz230807r
No directory, logging in with HOME=/
nobody@
nobody@